Module sodiumoxide::crypto::aead::aes256gcm


WARNING: Despite being the most popular AEAD construction due to its use in TLS, safely using AES-GCM in a different context is tricky. No more than ~350 GB of input data should be encrypted with a given key. That figure assumes ~16 KB messages; the actual bound varies with message size. In addition, nonces are short, and a repeated nonce completely destroys the security of this scheme. Nonces should therefore come from atomic counters, which can be difficult to set up in a distributed environment. Unless you absolutely need AES-GCM, use the default AEAD export instead; it doesn’t have any of these limitations. Or, if you don’t need to authenticate additional data, just stick to secretbox.

AES primitives will not be made available unless your runtime CPU is x86/x86_64 with support for the AES-NI instruction set and the CLMUL instruction (Westmere and beyond).
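The description above asks for two things from callers: nonces that come from an atomic counter, and a cap on how much data is encrypted under one key. The following is an added example of such a nonce issuer; it is not part of sodiumoxide and does not call libsodium, so it compiles without the crate. The type name `NonceCounter`, the error enum and the 256 GiB default budget are assumptions chosen for the example (the budget sits below the ~350 GB figure quoted above); the 12-byte nonce length matches this module's NONCEBYTES. A fixed 4-byte prefix per key plus a 64-bit counter fills the 12 bytes, so two keys used on different hosts can be given different prefixes and never collide.

```rust
use std::sync::atomic::{AtomicU64, Ordering};

/// Nonce length of this module (NONCEBYTES = 12 for aes256gcm).
pub const NONCE_LEN: usize = 12;

/// Conservative per-key byte budget, chosen for this example; it stays
/// under the ~350 GB guideline in the module description.
pub const DEFAULT_BYTE_BUDGET: u64 = 256 * 1024 * 1024 * 1024;

#[derive(Debug, PartialEq, Eq)]
pub enum NonceError {
    /// The 64-bit counter would wrap; a wrapped counter would reuse nonces.
    CounterExhausted,
    /// Issuing this nonce would push the key past its data budget.
    BudgetExceeded,
}

/// Hypothetical nonce issuer: one instance per key, shared between threads.
pub struct NonceCounter {
    prefix: [u8; 4],       // fixed per key; distinguishes independent issuers
    counter: AtomicU64,    // value of the next nonce to hand out
    bytes_used: AtomicU64, // plaintext bytes reserved so far under this key
    budget: u64,           // maximum plaintext bytes allowed under this key
}

impl NonceCounter {
    pub fn new(prefix: [u8; 4], budget: u64) -> Self {
        Self::with_start(prefix, budget, 0)
    }

    /// Start from a given counter value, e.g. when resuming a persisted state.
    pub fn with_start(prefix: [u8; 4], budget: u64, start: u64) -> Self {
        NonceCounter {
            prefix,
            counter: AtomicU64::new(start),
            bytes_used: AtomicU64::new(0),
            budget,
        }
    }

    /// Reserve a fresh nonce for a message of `msg_len` plaintext bytes.
    /// Fails closed: once the budget or the counter is exhausted, no nonce
    /// is ever returned again for this key.
    pub fn next_nonce(&self, msg_len: u64) -> Result<[u8; NONCE_LEN], NonceError> {
        // Atomically charge the budget; the closure returns None (and the
        // update is rejected) if the total would exceed the limit.
        self.bytes_used
            .fetch_update(Ordering::SeqCst, Ordering::SeqCst, |used| {
                used.checked_add(msg_len).filter(|total| *total <= self.budget)
            })
            .map_err(|_| NonceError::BudgetExceeded)?;

        // Atomically take the current counter value and advance it; a wrap
        // is refused rather than silently restarting from zero.
        let n = self
            .counter
            .fetch_update(Ordering::SeqCst, Ordering::SeqCst, |c| c.checked_add(1))
            .map_err(|_| NonceError::CounterExhausted)?;

        let mut nonce = [0u8; NONCE_LEN];
        nonce[..4].copy_from_slice(&self.prefix);
        nonce[4..].copy_from_slice(&n.to_be_bytes());
        Ok(nonce)
    }

    /// Plaintext bytes still allowed under this key.
    pub fn remaining_budget(&self) -> u64 {
        self.budget.saturating_sub(self.bytes_used.load(Ordering::SeqCst))
    }
}

fn main() {
    let issuer = NonceCounter::new([0xAA, 0xBB, 0xCC, 0xDD], DEFAULT_BYTE_BUDGET);
    for len in [1024u64, 16 * 1024] {
        match issuer.next_nonce(len) {
            Ok(nonce) => println!("nonce {:02x?} for {} bytes", nonce, len),
            Err(e) => println!("refused: {:?}", e),
        }
    }
    println!("remaining budget: {} bytes", issuer.remaining_budget());
}
```

Each nonce returned is passed to the seal call together with the key; the issuer, not the caller, decides when the key is retired. Since the counter lives in one process, a distributed deployment still needs either a distinct prefix per node or a fresh key per node, which is the difficulty the description points out.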

Structs

Aes256Gcm

The Aes256Gcm struct encapsulates the crypto_aead_aes256gcm_* family of functions in a way that ensures safe usage of the API at runtime without incurring a per function call cost.

Key

Key for symmetric authenticated encryption with additional data.

Nonce

Nonce for symmetric authenticated encryption with additional data.

Tag

Authentication Tag for symmetric authenticated encryption with additional data in detached mode.

Constants

KEYBYTES

Number of bytes in a Key.

NONCEBYTES

Number of bytes in a Nonce.

TAGBYTES

Number of bytes in an authentication Tag.

Functions

is_available

is_available returns true if the current CPU supports aes256gcm and false otherwise.